PT-1999-1638 · Microsoft · File Manager+2

Published

1999-12-31

Updated

2017-10-10

CVE-1999-1294

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Windows 3.51

Description: The issue allows local users to read folders for which they do not have permission due to the inheritance of backup and restore permissions by programs started from the Office Shortcut Bar (OSB) in Windows 3.51, such as File Manager.

Recommendations: For Windows 3.51, consider restricting access to the Office Shortcut Bar (OSB) to minimize the risk of exploitation, and avoid using the OSB to start programs that require elevated permissions.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1294

Affected Products

File Manager

Office Shortcut Bar

Windows 3.51

PT-1999-1638 · Microsoft · File Manager+2

CVE-1999-1294

Related Identifiers

Affected Products

References · 3